Bug 480432 - setroubleshootd killed - apparently by selinux
setroubleshootd killed - apparently by selinux
Product: Fedora
Classification: Fedora
Component: setroubleshoot (Show other bugs)
All Linux
low Severity medium
: ---
: ---
Assigned To: Daniel Walsh
Fedora Extras Quality Assurance
Depends On:
  Show dependency treegraph
Reported: 2009-01-16 23:02 EST by Michal Jaegermann
Modified: 2009-01-19 16:17 EST (History)
3 users (show)

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Last Closed: 2009-01-19 15:42:27 EST
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---

Attachments (Terms of Use)
a file found in /var/log/setroubleshoot/ (974 bytes, text/plain)
2009-01-16 23:02 EST, Michal Jaegermann
no flags Details

  None (edit)
Description Michal Jaegermann 2009-01-16 23:02:04 EST
Created attachment 329273 [details]
a file found in /var/log/setroubleshoot/

Description of problem:

On a freshly installed "from scratch" F10 system setroubleshootd dies in what it looks like at random.  Traces show up in "bad" moments, like a shutdown sequence or during a boot (where they will be wiped out before there will be a chance to look at those) but I managed to get the following one:

 Traceback (most recent call last):
  File "/usr/lib/python2.5/site-packages/setroubleshoot/analyze.py", line 350, in auto_save_callback
  File "/usr/lib/python2.5/site-packages/setroubleshoot/analyze.py", line 327, in save
    self.sigs.write_xml('sigs', self.filepath)
  File "/usr/lib/python2.5/site-packages/setroubleshoot/xml_serialize.py", line 308, in write_xml

No idea how complete that may be.

Nothing of that sort in logs anywhere. At this moment
'service setroubleshoot status' responds with:

setroubleshootd dead but pid file exists

That happened already a number of times on a machine installed yesterday

Everything I found in /var/log/setroubleshoot/setroubleshootd.log is attached.

What is even more disconcerting is that selinux has constant complaints
about wpa_supplicant, NetworkManager, console-kit-daemon, pm-powersave,
gdm-session-worker, dbus-daemon, sendmail.  Rebooting after
'touch /.autorelabel' did not help.  'rpm -V ...' on various related
packages is always silent.

Version-Release number of selected component (if applicable):

Additional information:
The machine on which this happens is eeepc 1002HA netbook.
Comment 1 Daniel Walsh 2009-01-19 15:42:27 EST
Are you running an ext4 file system?  If so you need to update to the latest kernel.  There is a bug in the kernel that causes lots of confined domains to get spurious sys_resource avc messages,  Any avc messages about setroubleshoot cause it to exit to prevent infinite loops.

Please update to the latest kernel.
Comment 2 Michal Jaegermann 2009-01-19 16:05:50 EST
> Are you running an ext4 file system?

Yes, indeed, I do on that particular machine.

> If so you need to update to the latest kernel.

But it is already running the latest kernel from the current updates, i.e  Or you mean something from updates-testing?  Or from koji? Is there some known minimum which is required?
Comment 3 Daniel Walsh 2009-01-19 16:14:42 EST and later according to the changelog.
Comment 4 Daniel Walsh 2009-01-19 16:17:20 EST I mean.

Note You need to log in before you can comment on or make changes to this bug.